parent
280f4bebbf
commit
5a62ae5cbf
4 changed files with 14 additions and 1 deletions
|
@ -436,6 +436,10 @@ ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
||||||
REQUIRE_SIGNIN_VIEW = false
|
REQUIRE_SIGNIN_VIEW = false
|
||||||
; Mail notification
|
; Mail notification
|
||||||
ENABLE_NOTIFY_MAIL = false
|
ENABLE_NOTIFY_MAIL = false
|
||||||
|
; This setting enables gitea to be signed in with HTTP BASIC Authentication using the user's password
|
||||||
|
; If you set this to false you will not be able to access the tokens endpoints on the API with your password
|
||||||
|
; Please note that setting this to false will not disable OAuth Basic or Basic authentication using a token
|
||||||
|
ENABLE_BASIC_AUTHENTICATION = true
|
||||||
; More detail: https://github.com/gogits/gogs/issues/165
|
; More detail: https://github.com/gogits/gogs/issues/165
|
||||||
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
|
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
|
||||||
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
|
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
|
||||||
|
|
|
@ -265,6 +265,10 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
|
||||||
- `REQUIRE_SIGNIN_VIEW`: **false**: Enable this to force users to log in to view any page.
|
- `REQUIRE_SIGNIN_VIEW`: **false**: Enable this to force users to log in to view any page.
|
||||||
- `ENABLE_NOTIFY_MAIL`: **false**: Enable this to send e-mail to watchers of a repository when
|
- `ENABLE_NOTIFY_MAIL`: **false**: Enable this to send e-mail to watchers of a repository when
|
||||||
something happens, like creating issues. Requires `Mailer` to be enabled.
|
something happens, like creating issues. Requires `Mailer` to be enabled.
|
||||||
|
- `ENABLE_BASIC_AUTHENTICATION`: **true**: Disable this to disallow authenticaton using HTTP
|
||||||
|
BASIC and the user's password. Please note if you disable this you will not be able to access the
|
||||||
|
tokens API endpoints using a password. Further, this only disables BASIC authentication using the
|
||||||
|
password - not tokens or OAuth Basic.
|
||||||
- `ENABLE_REVERSE_PROXY_AUTHENTICATION`: **false**: Enable this to allow reverse proxy authentication.
|
- `ENABLE_REVERSE_PROXY_AUTHENTICATION`: **false**: Enable this to allow reverse proxy authentication.
|
||||||
- `ENABLE_REVERSE_PROXY_AUTO_REGISTRATION`: **false**: Enable this to allow auto-registration
|
- `ENABLE_REVERSE_PROXY_AUTO_REGISTRATION`: **false**: Enable this to allow auto-registration
|
||||||
for reverse authentication.
|
for reverse authentication.
|
||||||
|
|
|
@ -224,6 +224,9 @@ func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool)
|
||||||
}
|
}
|
||||||
|
|
||||||
if u == nil {
|
if u == nil {
|
||||||
|
if !setting.Service.EnableBasicAuth {
|
||||||
|
return nil, false
|
||||||
|
}
|
||||||
u, err = models.UserSignIn(uname, passwd)
|
u, err = models.UserSignIn(uname, passwd)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !models.IsErrUserNotExist(err) {
|
if !models.IsErrUserNotExist(err) {
|
||||||
|
|
|
@ -23,6 +23,7 @@ var Service struct {
|
||||||
ShowRegistrationButton bool
|
ShowRegistrationButton bool
|
||||||
RequireSignInView bool
|
RequireSignInView bool
|
||||||
EnableNotifyMail bool
|
EnableNotifyMail bool
|
||||||
|
EnableBasicAuth bool
|
||||||
EnableReverseProxyAuth bool
|
EnableReverseProxyAuth bool
|
||||||
EnableReverseProxyAutoRegister bool
|
EnableReverseProxyAutoRegister bool
|
||||||
EnableReverseProxyEmail bool
|
EnableReverseProxyEmail bool
|
||||||
|
@ -60,6 +61,7 @@ func newService() {
|
||||||
Service.EmailDomainWhitelist = sec.Key("EMAIL_DOMAIN_WHITELIST").Strings(",")
|
Service.EmailDomainWhitelist = sec.Key("EMAIL_DOMAIN_WHITELIST").Strings(",")
|
||||||
Service.ShowRegistrationButton = sec.Key("SHOW_REGISTRATION_BUTTON").MustBool(!(Service.DisableRegistration || Service.AllowOnlyExternalRegistration))
|
Service.ShowRegistrationButton = sec.Key("SHOW_REGISTRATION_BUTTON").MustBool(!(Service.DisableRegistration || Service.AllowOnlyExternalRegistration))
|
||||||
Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool()
|
Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool()
|
||||||
|
Service.EnableBasicAuth = sec.Key("ENABLE_BASIC_AUTHENTICATION").MustBool(true)
|
||||||
Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
|
Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
|
||||||
Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
|
Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
|
||||||
Service.EnableReverseProxyEmail = sec.Key("ENABLE_REVERSE_PROXY_EMAIL").MustBool()
|
Service.EnableReverseProxyEmail = sec.Key("ENABLE_REVERSE_PROXY_EMAIL").MustBool()
|
||||||
|
|
Reference in a new issue